Please help provide a solution or information on this issue. The problem lies in the server-to-server OAuth token generation, where the previous token does not expire when a new token is generated. This results in the old token remaining valid, even if a new token is requested from Zoom’s API. The issue is not limited to the standard one-hour token expiration, as the old token should ideally be invalidated whenever a new token is requested.
Thanks for reaching out to us and welcome to our Developer Community, I am happy to help here!
What you are seeing is expected, we recently rolled out a new feature where the generation of a new token does not invalidate the previous one:
Hi @elisa.zoom ,
Earlier, the token used to expire once we generated a new one. To achieve this, we developed other mechanisms. However, now we are facing an issue where the same behavior is not occurring. Our requirement is that when a new token is generated, the previous token should expire. We need assistance on how to accomplish this.
Due to a high number of requests, we launched this new feature where the generation of a new token won’t invalidate the previous one.
You can leverage one of our Oauth endpoint to revoke an access token: